Re: Writing Secure code[update]

From: Warwick Molloy (wmolloyat_private)
Date: Fri Jan 03 2003 - 16:31:56 PST

  • Next message: Pavel Kankovsky: "RE:Writing Secure code[update]"

    The URL is broken.  Try http://csrc.nist.gov/cc for their home page
    From here, version 2.1 of the CC is available.
    
    
    On Wed, 1 Jan 2003 17:51:20 +0530
    "K K Mookhey" <ctoat_private> wrote:
    
    > This is pretty good, and needs not much introduction
    > The Common Criteria for Information Technology Security Evaluation:
    > Download at: http://csrc.nist.gov/cc/ccv20/ccv2list.htm
    > The CC is also an ISO standard 15408:1999.
    > This is what we attempt to follow as much as possible when evaluating
    > software.
    > There are also accredited agencies certified to do CC evals.
    > 
    > K. K. Mookhey
    > Chief Technology Officer
    > Network Intelligence India Pvt. Ltd.
    > Email: ctoat_private
    > Web: www.nii.co.in
    > Tel: 91-22-22001530/22006019
    > =============================
    > The Unix Auditor's Practical Handbook
    > http://www.nii.co.in/tuaph.html
    > =============================
    > 
    > 
    > > So, how about directing our focus with a aim at reaching a
    > > methodology/conclusion as to what can be done (by us + others) to say
    > bring
    > > up some ideas of some kind of a standard/practice which aims at following
    > > certain guidelines to be taken at the design stage of any software
    > > development process that could help us prevent the code getting
    > > exploited.(If something like this already exists please do let me
    > know..this
    > > shall save a lot of time!).
    > 
    > 
    > 
    



    This archive was generated by hypermail 2b30 : Fri Jan 03 2003 - 18:46:05 PST